Open ameygat opened 7 years ago
Have you tried running the webserver in dev mode? This will give you a full stack trace and it will be much easier to narrow down the error.
I ran the server with $python yeti.py webserver I saw following error in consol when entity post call was made: Where json data sent to api was
{'aliases': ['testalias1', 'testalias2'], 'context': {}, 'description': 'This is test description of a actor', 'name': 'Test1', 'source': 'API', 'tags': ['testtag1', 'testtag2'], 'type': 'Actor'}
python yeti.py webserver
[+] Database version is synced with code.
[+] Yeti started. Point browser to http://localhost:5000/
Filter: {} {}
[2017-09-22 01:15:20,253] ERROR in app: Exception on /api/entity/ [POST]
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/local/lib/python2.7/dist-packages/flask_classy.py", line 200, in proxy
response = view(**request.view_args)
File "/opt/yeti/core/web/helpers.py", line 32, in inner
return f(*args, **kwargs)
File "/opt/yeti/core/web/api/crud.py", line 131, in new
obj = self.objectmanager(**params).save()
File "/usr/local/lib/python2.7/dist-packages/mongoengine/base/document.py", line 77, in __init__
raise FieldDoesNotExist(msg)
FieldDoesNotExist: The fields "set([u'source', u'type', u'context', u'aliases'])" do not exist on the document "Entity"
When I saw the error saying fields does not exist in the entity I remove all those fields and ran with new json data as follows
{'name': 'Test1', 'tags': ['testtag1', 'testtag2'], 'description': 'This is test description of a actor'}
This json was accepted and added as entity but issue is I want to add a Entity as actor and if I can not give the type of Entity then Entity does not get added to the Actors.
Could some one Please provide some guidance as how can I add entity as Actor / TTP / Exploit etc.
@tomchop Any thing from your side ? Can put some light on this matter ?
Right, so it according to this line: FieldDoesNotExist: The fields "set([u'source', u'type', u'context', u'aliases'])" do not exist on the document "Entity"
It seems that you're trying to add an Entity with those fields, which does not match the model defined in Yeti.
POST
ing to /entity
is the right(ish—see below) way to go, but you need a JSON object that matches what Yeti expects. I know that the documentation is very light on what is expected, but the best way to know is to create an entity via the UI and then GET
the JSON representation of it.
Also, it seems that you're creating an Entity
object when you actually want sub-objects (Actor
, Malware
, etc.). You'll have to manually set the _cls
attribute in your request. Also, you'll have to set fields according to entity.py and actor.py (if what you want to add is an actor).
@ameygat - did you manage to get the Entity added to Yeti? for me, even adding entity with minimal parameters also not working.
ERROR:root:An error occurred (500): http://localhost:5000/api/entity/
I am trying to add more functionality to the YetiApi class. When I tried the get entity it worked, but for adding a entity it gives error
ERROR:root:An error occurred (500):
Any pointers towards this would be welcome, There was no documentation of json values of entity object so I did a get entity and used similar json object in entity_add
Following are my functions added to api.py